/*
 * HSM Proxy Project.
 * Copyright (C) 2013 FedICT.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License version
 * 3.0 as published by the Free Software Foundation.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, see 
 * http://www.gnu.org/licenses/.
 */

package be.fedict.hsm.admin.webapp.security;

import java.security.cert.X509Certificate;

import javax.ejb.EJB;
import javax.ejb.Stateless;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import be.fedict.eid.applet.service.spi.AuditService;
import be.fedict.hsm.model.security.SecurityAuditGeneratorBean;

@Stateless
@EJB(name = "java:global/AdministratorAuditServiceBean", beanInterface = AuditService.class)
public class AdministratorAuditServiceBean implements AuditService {

	private static final Log LOG = LogFactory
			.getLog(AdministratorAuditServiceBean.class);

	@EJB
	private SecurityAuditGeneratorBean securityAuditGeneratorBean;

	@Override
	public void authenticated(String userId) {
		LOG.debug("authenticated: " + userId);
	}

	@Override
	public void identified(String userId) {
		// not applicable
	}

	@Override
	public void authenticationError(String remoteAddress,
			X509Certificate clientCertificate) {
		LOG.error("authentication error: " + remoteAddress);
		LOG.error("client certificate: " + clientCertificate);
		this.securityAuditGeneratorBean
				.adminAuthenticationError(clientCertificate);
	}

	@Override
	public void identityIntegrityError(String remoteAddress) {
		LOG.error("identity integrity error: " + remoteAddress);
		this.securityAuditGeneratorBean.adminAuthenticationError();
	}

	@Override
	public void signatureError(String remoteAddress,
			X509Certificate clientCertificate) {
		// not applicable
	}

	@Override
	public void signed(String userId) {
		// not applicable
	}
}
